#include <openssl/dh.h>
#include <openssl/err.h>
#include <openssl/core_names.h>
-#include "cms_local.h"
+#include "internal/sizes.h"
#include "crypto/evp.h"
+#include "cms_local.h"
static int dh_cms_set_peerkey(EVP_PKEY_CTX *pctx,
X509_ALGOR *alg, ASN1_BIT_STRING *pubkey)
int keylen, plen;
EVP_CIPHER *kekcipher = NULL;
EVP_CIPHER_CTX *kekctx;
- const char *name;
+ char name[OSSL_MAX_NAME_SIZE];
if (!CMS_RecipientInfo_kari_get0_alg(ri, &alg, &ukm))
goto err;
if (kekctx == NULL)
goto err;
- name = OBJ_nid2sn(OBJ_obj2nid(kekalg->algorithm));
- if (name == NULL)
+ if (!OBJ_obj2txt(name, sizeof(name), kekalg->algorithm, 0))
goto err;
kekcipher = EVP_CIPHER_fetch(pctx->libctx, name, pctx->propquery);
#include <openssl/cms.h>
#include <openssl/err.h>
#include <openssl/decoder.h>
-#include "cms_local.h"
+#include "internal/sizes.h"
#include "crypto/evp.h"
+#include "cms_local.h"
static EVP_PKEY *pkey_type2param(int ptype, const void *pval,
OSSL_LIB_CTX *libctx, const char *propq)
OSSL_DECODER_CTX_free(ctx);
} else if (ptype == V_ASN1_OBJECT) {
const ASN1_OBJECT *poid = pval;
- const char *groupname;
+ char groupname[OSSL_MAX_NAME_SIZE];
/* type == V_ASN1_OBJECT => the parameters are given by an asn1 OID */
pctx = EVP_PKEY_CTX_new_from_name(libctx, "EC", propq);
if (pctx == NULL || EVP_PKEY_paramgen_init(pctx) <= 0)
goto err;
- groupname = OBJ_nid2sn(OBJ_obj2nid(poid));
- if (groupname == NULL
+ if (!OBJ_obj2txt(groupname, sizeof(groupname), poid, 0)
|| !EVP_PKEY_CTX_set_group_name(pctx, groupname)) {
ERR_raise(ERR_LIB_CMS, CMS_R_DECODE_ERROR);
goto err;
int plen, keylen;
EVP_CIPHER *kekcipher = NULL;
EVP_CIPHER_CTX *kekctx;
- const char *name;
+ char name[OSSL_MAX_NAME_SIZE];
if (!CMS_RecipientInfo_kari_get0_alg(ri, &alg, &ukm))
return 0;
kekctx = CMS_RecipientInfo_kari_get0_ctx(ri);
if (kekctx == NULL)
goto err;
- name = OBJ_nid2sn(OBJ_obj2nid(kekalg->algorithm));
+ OBJ_obj2txt(name, sizeof(name), kekalg->algorithm, 0);
kekcipher = EVP_CIPHER_fetch(pctx->libctx, name, pctx->propquery);
if (kekcipher == NULL || EVP_CIPHER_mode(kekcipher) != EVP_CIPH_WRAP_MODE)
goto err;
#include <openssl/err.h>
#include <openssl/cms.h>
#include <openssl/evp.h>
+#include "internal/sizes.h"
#include "crypto/asn1.h"
#include "crypto/evp.h"
#include "crypto/x509.h"
if (cms->d.envelopedData->encryptedContentInfo->havenocert
&& !cms->d.envelopedData->encryptedContentInfo->debug) {
X509_ALGOR *calg = ec->contentEncryptionAlgorithm;
- const char *name = OBJ_nid2sn(OBJ_obj2nid(calg->algorithm));
+ char name[OSSL_MAX_NAME_SIZE];
+
+ OBJ_obj2txt(name, sizeof(name), calg->algorithm, 0);
(void)ERR_set_mark();
fetched_cipher = EVP_CIPHER_fetch(libctx, name, propq);
#include <openssl/asn1.h>
#include <openssl/cms.h>
#include <openssl/cms.h>
+#include "internal/sizes.h"
#include "crypto/x509.h"
#include "cms_local.h"
const ASN1_OBJECT *digestoid;
const EVP_MD *digest = NULL;
EVP_MD *fetched_digest = NULL;
- const char *alg;
+ char alg[OSSL_MAX_NAME_SIZE];
X509_ALGOR_get0(&digestoid, NULL, NULL, digestAlgorithm);
- alg = OBJ_nid2sn(OBJ_obj2nid(digestoid));
+ OBJ_obj2txt(alg, sizeof(alg), digestoid, 0);
(void)ERR_set_mark();
fetched_digest = EVP_MD_fetch(ossl_cms_ctx_get0_libctx(ctx), alg,
#include <openssl/cms.h>
#include <openssl/rand.h>
#include <openssl/aes.h>
-#include "cms_local.h"
+#include "internal/sizes.h"
#include "crypto/asn1.h"
+#include "cms_local.h"
int CMS_RecipientInfo_set0_password(CMS_RecipientInfo *ri,
unsigned char *pass, ossl_ssize_t passlen)
int r = 0;
X509_ALGOR *algtmp, *kekalg = NULL;
EVP_CIPHER_CTX *kekctx = NULL;
- const char *name;
+ char name[OSSL_MAX_NAME_SIZE];
EVP_CIPHER *kekcipher;
unsigned char *key = NULL;
size_t keylen;
return 0;
}
- name = OBJ_nid2sn(OBJ_obj2nid(kekalg->algorithm));
+ OBJ_obj2txt(name, sizeof(name), kekalg->algorithm, 0);
kekcipher = EVP_CIPHER_fetch(ossl_cms_ctx_get0_libctx(cms_ctx), name,
ossl_cms_ctx_get0_propq(cms_ctx));
#include <openssl/err.h>
#include <openssl/cms.h>
#include <openssl/ess.h>
-#include "cms_local.h"
+#include "internal/sizes.h"
#include "crypto/asn1.h"
#include "crypto/evp.h"
#include "crypto/cms.h"
#include "crypto/ess.h"
#include "crypto/x509.h" /* for ossl_x509_add_cert_new() */
+#include "cms_local.h"
/* CMS SignedData Utilities */
/* See if digest is present in digestAlgorithms */
for (i = 0; i < sk_X509_ALGOR_num(sd->digestAlgorithms); i++) {
const ASN1_OBJECT *aoid;
+ char name[OSSL_MAX_NAME_SIZE];
+
alg = sk_X509_ALGOR_value(sd->digestAlgorithms, i);
X509_ALGOR_get0(&aoid, NULL, NULL, alg);
- if (OBJ_obj2nid(aoid) == EVP_MD_type(md))
+ OBJ_obj2txt(name, sizeof(name), aoid, 0);
+ if (EVP_MD_is_a(md, name))
break;
}
int alen;
size_t siglen;
const CMS_CTX *ctx = si->cms_ctx;
- const char *md_name = OBJ_nid2sn(OBJ_obj2nid(si->digestAlgorithm->algorithm));
+ char md_name[OSSL_MAX_NAME_SIZE];
- if (md_name == NULL)
+ if (!OBJ_obj2txt(md_name, sizeof(md_name),
+ si->digestAlgorithm->algorithm, 0))
return 0;
if (CMS_signed_get_attr_by_NID(si, NID_pkcs9_signingTime, -1) < 0) {
EVP_MD_CTX *mctx = NULL;
unsigned char *abuf = NULL;
int alen, r = -1;
- const char *name;
+ char name[OSSL_MAX_NAME_SIZE];
const EVP_MD *md;
EVP_MD *fetched_md = NULL;
const CMS_CTX *ctx = si->cms_ctx;
if (!ossl_cms_si_check_attributes(si))
return -1;
- name = OBJ_nid2sn(OBJ_obj2nid(si->digestAlgorithm->algorithm));
+ OBJ_obj2txt(name, sizeof(name), si->digestAlgorithm->algorithm, 0);
(void)ERR_set_mark();
fetched_md = EVP_MD_fetch(libctx, name, propq);
unsigned char *iv = NULL; /* initial vector for symmetric encryption */
unsigned char *outbuf = NULL; /* decryption output buffer */
const unsigned char *p = NULL; /* needed for decoding ASN1 */
- int symmAlg = 0; /* NIDs for symmetric algorithm */
int n, outlen = 0;
EVP_PKEY_CTX *pkctx = NULL; /* private key context */
ERR_raise(ERR_LIB_CRMF, CRMF_R_NULL_ARGUMENT);
return NULL;
}
- if ((symmAlg = OBJ_obj2nid(ecert->symmAlg->algorithm)) == 0) {
- ERR_raise(ERR_LIB_CRMF, CRMF_R_UNSUPPORTED_CIPHER);
- return NULL;
- }
/* select symmetric cipher based on algorithm given in message */
- if ((cipher = EVP_get_cipherbynid(symmAlg)) == NULL) {
+ if ((cipher = EVP_get_cipherbyobj(ecert->symmAlg->algorithm)) == NULL) {
ERR_raise(ERR_LIB_CRMF, CRMF_R_UNSUPPORTED_CIPHER);
goto end;
}
#include <openssl/rand.h>
#include <openssl/evp.h>
-#include "crmf_local.h"
-
/* explicit #includes not strictly needed since implied by the above: */
#include <openssl/asn1t.h>
#include <openssl/crmf.h>
#include <openssl/params.h>
#include <openssl/core_names.h>
+#include "internal/sizes.h"
+
+#include "crmf_local.h"
+
/*-
* creates and initializes OSSL_CRMF_PBMPARAMETER (section 4.4)
* |slen| SHOULD be at least 8 (16 is common)
unsigned char **out, size_t *outlen)
{
int mac_nid, hmac_md_nid = NID_undef;
- const char *mdname;
+ char mdname[OSSL_MAX_NAME_SIZE];
+ char hmac_mdname[OSSL_MAX_NAME_SIZE];
EVP_MD *owf = NULL;
EVP_MD_CTX *ctx = NULL;
unsigned char basekey[EVP_MAX_MD_SIZE];
* compute the key used in the MAC process. All implementations MUST
* support SHA-1.
*/
- mdname = OBJ_nid2sn(OBJ_obj2nid(pbmp->owf->algorithm));
+ OBJ_obj2txt(mdname, sizeof(mdname), pbmp->owf->algorithm, 0);
if ((owf = EVP_MD_fetch(libctx, mdname, propq)) == NULL) {
ERR_raise(ERR_LIB_CRMF, CRMF_R_UNSUPPORTED_ALGORITHM);
goto err;
mac_nid = OBJ_obj2nid(pbmp->mac->algorithm);
if (!EVP_PBE_find(EVP_PBE_TYPE_PRF, mac_nid, NULL, &hmac_md_nid, NULL)
- || (mdname = OBJ_nid2sn(hmac_md_nid)) == NULL) {
+ || !OBJ_obj2txt(hmac_mdname, sizeof(hmac_mdname),
+ OBJ_nid2obj(hmac_md_nid), 0)) {
ERR_raise(ERR_LIB_CRMF, CRMF_R_UNSUPPORTED_ALGORITHM);
goto err;
}
macparams[0] = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST,
- (char *)mdname, 0);
+ (char *)hmac_mdname, 0);
if ((mac = EVP_MAC_fetch(libctx, "HMAC", propq)) == NULL
|| (mctx = EVP_MAC_CTX_new(mac)) == NULL
|| !EVP_MAC_CTX_set_params(mctx, macparams)
ASN1_OBJECT *key_oid,
const unsigned char *ukm, size_t ukmlen, const EVP_MD *md)
{
- int nid;
- const char *key_alg = NULL;
+ char key_alg[OSSL_MAX_NAME_SIZE];
const OSSL_PROVIDER *prov = EVP_MD_provider(md);
OSSL_LIB_CTX *libctx = ossl_provider_libctx(prov);
- nid = OBJ_obj2nid(key_oid);
- if (nid == NID_undef)
- return 0;
- key_alg = OBJ_nid2sn(nid);
- if (key_alg == NULL)
+ if (!OBJ_obj2txt(key_alg, sizeof(key_alg), key_oid, 0))
return 0;
return ossl_dh_kdf_X9_42_asn1(out, outlen, Z, Zlen, key_alg,
* default_fixup_args() will then be able to convert that to the
* corresponding OSSL_PARAM.
*/
- ctx->p2 = (char *)OBJ_nid2sn(OBJ_obj2nid(ctx->p2));
+ OBJ_obj2txt(ctx->name_buf, sizeof(ctx->name_buf), ctx->p2, 0);
+ ctx->p2 = (char *)ctx->name_buf;
ctx->p1 = 0; /* let default_fixup_args() figure out the length */
}
*/
#include <stdio.h>
-#include "internal/cryptlib.h"
#include <openssl/rand.h>
#include <openssl/objects.h>
#include <openssl/x509.h>
#include <openssl/x509v3.h>
#include <openssl/err.h>
+#include "internal/cryptlib.h"
+#include "internal/sizes.h"
#include "pk7_local.h"
static int add_attribute(STACK_OF(X509_ATTRIBUTE) **sk, int nid, int atrtype,
const PKCS7_CTX *ctx)
{
BIO *btmp;
- const char *name;
+ char name[OSSL_MAX_NAME_SIZE];
EVP_MD *fetched = NULL;
const EVP_MD *md;
goto err;
}
- name = OBJ_nid2sn(OBJ_obj2nid(alg->algorithm));
+ OBJ_obj2txt(name, sizeof(name), alg->algorithm, 0);
(void)ERR_set_mark();
fetched = EVP_MD_fetch(ossl_pkcs7_ctx_get0_libctx(ctx), name,
PKCS7_RECIP_INFO *ri = NULL;
unsigned char *ek = NULL, *tkey = NULL;
int eklen = 0, tkeylen = 0;
- const char *name;
+ char name[OSSL_MAX_NAME_SIZE];
const PKCS7_CTX *p7_ctx;
OSSL_LIB_CTX *libctx;
const char *propq;
data_body = p7->d.signed_and_enveloped->enc_data->enc_data;
enc_alg = p7->d.signed_and_enveloped->enc_data->algorithm;
- name = OBJ_nid2sn(OBJ_obj2nid(enc_alg->algorithm));
+ OBJ_obj2txt(name, sizeof(name), enc_alg->algorithm, 0);
(void)ERR_set_mark();
evp_cipher = EVP_CIPHER_fetch(libctx, name, propq);
enc_alg = p7->d.enveloped->enc_data->algorithm;
/* data_body is NULL if the optional EncryptedContent is missing. */
data_body = p7->d.enveloped->enc_data->enc_data;
- name = OBJ_nid2sn(OBJ_obj2nid(enc_alg->algorithm));
+ OBJ_obj2txt(name, sizeof(name), enc_alg->algorithm, 0);
(void)ERR_set_mark();
evp_cipher = EVP_CIPHER_fetch(libctx, name, propq);
goto err;
}
- name = OBJ_nid2sn(OBJ_obj2nid(xa->algorithm));
+ OBJ_obj2txt(name, sizeof(name), xa->algorithm, 0);
(void)ERR_set_mark();
evp_md = EVP_MD_fetch(libctx, name, propq);
int PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *psi)
{
- int i, j, nid;
+ int i, j;
+ ASN1_OBJECT *obj;
X509_ALGOR *alg;
STACK_OF(PKCS7_SIGNER_INFO) *signer_sk;
STACK_OF(X509_ALGOR) *md_sk;
return 0;
}
- nid = OBJ_obj2nid(psi->digest_alg->algorithm);
-
+ obj = psi->digest_alg->algorithm;
/* If the digest is not currently listed, add it */
j = 0;
for (i = 0; i < sk_X509_ALGOR_num(md_sk); i++) {
alg = sk_X509_ALGOR_value(md_sk, i);
- if (OBJ_obj2nid(alg->algorithm) == nid) {
+ if (OBJ_cmp(obj, alg->algorithm) == 0) {
j = 1;
break;
}
}
if (!j) { /* we need to add another algorithm */
+ int nid;
+
if ((alg = X509_ALGOR_new()) == NULL
|| (alg->parameter = ASN1_TYPE_new()) == NULL) {
X509_ALGOR_free(alg);
ERR_raise(ERR_LIB_PKCS7, ERR_R_MALLOC_FAILURE);
return 0;
}
- alg->algorithm = OBJ_nid2obj(nid);
+ /*
+ * If there is a constant copy of the ASN1 OBJECT in libcrypto, then
+ * use that. Otherwise, use a dynamically duplicated copy
+ */
+ if ((nid = OBJ_obj2nid(obj)) != NID_undef)
+ alg->algorithm = OBJ_nid2obj(nid);
+ else
+ alg->algorithm = OBJ_dup(obj);
alg->parameter->type = V_ASN1_NULL;
- if (!sk_X509_ALGOR_push(md_sk, alg)) {
+ if (alg->algorithm == NULL || !sk_X509_ALGOR_push(md_sk, alg)) {
X509_ALGOR_free(alg);
return 0;
}
*/
#include "e_os.h"
-#include "internal/cryptlib.h"
#include <openssl/objects.h>
#include <openssl/ts.h>
#include <openssl/pkcs7.h>
#include <openssl/crypto.h>
-#include "ts_local.h"
+#include "internal/cryptlib.h"
+#include "internal/sizes.h"
#include "crypto/ess.h"
+#include "ts_local.h"
DEFINE_STACK_OF_CONST(EVP_MD)
TS_REQ *request = ctx->request;
TS_MSG_IMPRINT *msg_imprint;
X509_ALGOR *md_alg;
- int md_alg_id;
+ char md_alg_name[OSSL_MAX_NAME_SIZE];
const ASN1_OCTET_STRING *digest;
const EVP_MD *md = NULL;
int i;
msg_imprint = request->msg_imprint;
md_alg = msg_imprint->hash_algo;
- md_alg_id = OBJ_obj2nid(md_alg->algorithm);
+ OBJ_obj2txt(md_alg_name, sizeof(md_alg_name), md_alg->algorithm, 0);
for (i = 0; !md && i < sk_EVP_MD_num(ctx->mds); ++i) {
const EVP_MD *current_md = sk_EVP_MD_value(ctx->mds, i);
- if (md_alg_id == EVP_MD_type(current_md))
+ if (EVP_MD_is_a(current_md, md_alg_name))
md = current_md;
}
if (!md) {